Branding and Customizations Made Easy

Branding and Customizations Made Easy

Your brand is important. It’s a standard you uphold to communicate your company values and a message you’re sending to the world. Executing well on your brand means that you can efficiently apply your brand, voice, and design system to all of your user-facing properties and touchpoints. This includes publishing your logo, favicon, brand colors, assets, styles, and user-specific copywriting to all of these touchpoints. 

User authentication web experiences make up a critical portion of these user touchpoints. Just to keep things on-brand and personalized for users signing in, it can cost organizations hundreds of hours of expensive developer time writing custom code.

This is why we're excited to launch Branding—now generally available—allowing you to customize your brand consistently across your end-user’s journey without wasting precious hours of dev time. Your team can now easily customize your brand across Okta-hosted touchpoints and customer-facing communications based on the end user's profile and application. And you can deploy these branded experiences without adding custom code, providing ease of implementation and increased security.

Today, we’re celebrating the progress we’ve made in Branding by delivering three features that offer you greater flexibility, personalization, and customization—all with less code than ever before: 

  1. Branding (GA)
  2. Email Personalization (Limited GA)
  3. Custom domains with Okta-managed certificates (EA)

Let’s dive in!


Branding goes beyond advertising and distinctive design—it’s about trust as well. People who use the internet today are more vigilant than ever of phishing attacks and fraudulent attempts to steal their information. The number of user-facing experiences that have to be managed and on brand is higher than ever, so automation and orchestration are key to making that brand consistent and pervasive across those experiences.

As an Admin, you can now customize your end-user touch points from a central location in our Admin Console, without writing custom code. Branding customizes the Okta-hosted sign-in page, including all user authentication flows like registration, MFA, account recovery, consent, factor enrollment, and more. It also controls the Okta End-User dashboard, all of your Email templates including translated templates, and Error pages.

This allows you to create your theme once—including colors, logos, images, styles, and voice—and apply it everywhere at the same time. 

You can also bring your own privacy policy to be used in page footers and remove all mention of Okta for specific use-cases that require whitelabeling.

As a GA feature, our Branding is now automatically turned on!

FACUCDitX0RdthxtmO8mTOlIyT3KP7vUlI11jXKtd7V8rg nCfWfhNgAZBfmpu5yhxNSNHs 3dE yxLhXTiV2qujqoDsBLQpn4nXEgu04uFQ9bTZv bo8RtNWAUq8glsGjPayOw3

Brands APIs and SDK support 

For more complex branding use cases, we’re releasing new branding endpoints with SDK support, empowering your developers to automate and scale your stack with ease. You can either directly call our new Brands API, or use our suite of Management SDKs to programmatically manage all of your Okta brand resources at scale.

As a GA feature, our Branding APIs and SDKs are available to all for use!

Email Personalization with Velocity Templating Language 

Email personalization often involves managing hundreds, if not thousands, of email templates, which need to be branded correctly and maintain application context (which app did the user come from?). This requires a lot of manual dev work to customize and keep email templates accurate and up to date. With email personalization, you can dynamically update email templates based on user profile attributes and application-context.

Developers can now use a powerful templating language, Velocity Templating Language (VTL) for emails. This feature lets developers customize email templates with much greater flexibility. It changes the underlying email templating engine to VTL, which provides enhanced conditional logic and the ability to dynamically call all the attributes in the User profile object as well as org attributes. 

If you’re interested to use these features, and they’re not available in your current org, you can request the feature from the Okta support team.

Per app branding for emails (Okta Identity Engine

Our OIE customers can take this even further by customizing emails with the context of the app the user interacted with. For example, if your end user is part of a VIP group, you can provide them with customized messaging and branding for VIP members only. 

In addition, we’ve added code to seamlessly migrate any existing custom email templates to VTL, so that you won’t have to spend any time upgrading or migrating your existing work on emails. 

You can also click “Send Test Email” in the Admin Console to test the way your email displays in various mailbox clients.

This feature is automatically turned on for all OIE orgs.

Custom domains with Okta-managed certificates

Using your own trusted domain for the Okta login flow can ensure a great SSO experience, but it can also be a challenging go-live blocker. We’re democratizing this painful last step of migrating your authentication URLs to Okta by launching a much easier option for configuring custom domains.

With our new feature, Custom Domains with Okta-Managed Certificates, Okta automatically procures and renews your certificate so that you never suffer any downtime, and you have fewer hoops to jump through to ensure your users sign into a familiar, trusted domain.

This is powered by our new integration with Let’s Encrypt, a free certificate authority, which promises a more secure internet by serving over 260 million websites with TLS certificates.

What used to take hours can be completed with our new custom domain wizard and Domains API.

6CzB 68OeTXKMuv18P X7NlLoJkOCIcx1gb26lpDKjcjoxQjKMtEETpg QfSeApJWuboltiDVFAg yZwhwl4bqdX6pddO OtvDGissNFCmxCux1OCwO5DTEH0fmwUQyJbGMxpl3n

As a self-service EA feature, any org Super Admin can turn it on within the Admin Console UI (Settings >> Features).

1KsYd2UqDvwJp5htupt1oGy gROPWgyG6Dy4UE O2WtO60QRGoLHx OyHZhMAr8K0ysjxOGBRieDEOgPsg2YCVxFK0lawRsfO aK1CJ4XiIKm6ejnURx NzmseP0nR7TrHs byTh

Get started today

It’s crucial to keep your brand consistent across all of your digital touchpoints, and our new Branding features enable you to do just that. To help you onboard to our new branding and customizations capabilities, we’ve added a few easy guides within our Admin Console UI. You can also check out our product help docs.

CIAM Branding


Developer onboarding for branding and customization

To help developers get started, we’ve also published developer guides to help customize your themes, style the Okta-hosted sign-in page, brand error pages, and customize email templates. As always, our developer documentation is open-source, so you can click the link at the bottom to send a Github issue or pull request with any feedback or suggestions.